Source: libgnupg-interface-perl
Version: 1.02-3
Severity: important
Tags: ftbfs trixie sid
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition
X-Debbugs-Cc: Andrew Ruthven <and...@etc.gen.nz>

This package fails to build from source with Perl 5.38 (currently in
experimental.)

  
http://perl.debian.net/rebuild-logs/perl-5.38-throwaway/libgnupg-interface-perl_1.02-3/libgnupg-interface-perl_1.02-3_amd64-2023-07-06T13:45:16Z.build

   Insecure directory in $ENV{PATH} while running with -T switch at /<<PKGBUILDDIR>>/blib/lib/GnuPG/Interface.pm line 355.
   Use of uninitialized value $line in pattern match (m//) at /<<PKGBUILDDIR>>/blib/lib/GnuPG/Interface.pm line 828.
   Use of uninitialized value $a in split at /<<PKGBUILDDIR>>/blib/lib/GnuPG/Interface.pm line 842.
   Use of uninitialized value $a in split at /<<PKGBUILDDIR>>/blib/lib/GnuPG/Interface.pm line 842.
   GnuPG Version 1.4 or 2.2+ required at (eval 208) line 83.
   t/taint.t .................. 
   1..2
   Dubious, test returned 255 (wstat 65280, 0xff00)
   Failed 2/2 subtests 
 
This is a Debian-specific test file (debian/patches/detect-taint-mode)
but it seems to flag a real upstream issue.

lib/GnuPG/Interface.pm has this:

        local $ENV{PATH} if tainted $ENV{PATH};
        exec @command or die "exec() error: $ERRNO";

which broke with
  https://github.com/Perl/perl5/commit/5ede4453c4877110eb5214ff400c173210b101b1
for a good reason: an empty $ENV{PATH} is equivalent to '.' (cwd).

Andrew, I'm copying you as you were involved in this stuff a few years
back so you might still be interested :)

Hm, possibly perl should add a Breaks for earlier versions once this is fixed.
-- 
Niko Tyni   nt...@debian.org
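
The taint failure described in the report above, as an added Perl example that is not part of the original message or of GnuPG::Interface: it runs the quoted `local $ENV{PATH}` pattern and a variant that sets an explicit PATH, each in a forked child, and reports whether `exec` was refused. The `/usr/bin:/bin` value, the `/bin/sh` command and all sub names are assumptions made for illustration.

```perl
# Added example, not GnuPG::Interface code. Run under taint mode: perl -T example.pl
use strict;
use warnings;
use POSIX ();
use Scalar::Util qw(tainted);

# Assumption: system directories that only root can write to.
my $SAFE_PATH = '/usr/bin:/bin';
# Constructed command: absolute path in list form, so no shell parses the arguments.
my @command = ('/bin/sh', '-c', 'exit 0');

# The pattern quoted in the report: a tainted PATH is localized, which empties it.
sub exec_with_cleared_path {
    local $ENV{PATH} if tainted $ENV{PATH};
    exec @command or die "exec() error: $!\n";
}

# Variant (an assumption, not the upstream fix): give the child an explicit PATH
# and drop the other environment variables that taint mode checks before exec.
sub exec_with_fixed_path {
    $ENV{PATH} = $SAFE_PATH;
    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
    exec @command or die "exec() error: $!\n";
}

# Fork, run $code in the child, and describe the outcome to the parent.
sub run_in_child {
    my ($code) = @_;
    pipe(my $r, my $w) or die "pipe: $!";
    my $pid = fork();
    die "fork: $!" unless defined $pid;
    if ($pid == 0) {
        close $r;
        eval { $code->() };      # returns only if exec was refused or failed
        print {$w} $@;           # pass the die message back over the pipe
        close $w;
        POSIX::_exit(255);
    }
    close $w;                    # the child's copy closes on a successful exec
    my $err = do { local $/; <$r> };
    close $r;
    waitpid($pid, 0);
    return length($err // '') ? "refused: $err"
                              : "exec ran, exit status " . ($? >> 8) . "\n";
}

die "run this under taint mode (perl -T)\n" unless ${^TAINT};
print "cleared PATH: ", run_in_child(\&exec_with_cleared_path);
print "fixed PATH:   ", run_in_child(\&exec_with_fixed_path);
```

Under Perl 5.38 the first call is the one that hits the `Insecure directory in $ENV{PATH}` check shown in the build log. A fixed PATH also changes what the child can find, so the directory list has to cover wherever gpg is installed.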
